Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2013/08/14 12:0 a.m.•37 views

PineApp Mail-SeCure ldapsyncnow.php command injection

Added: 08/14/2013 BID: 61474 OSVDB: 95781 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem A vulnerabili...

8AI score
Exploits0
saint
saint
•added 2013/07/24 12:0 a.m.•37 views

HP Data Protector CRS Opcode 211 Stack Buffer Overflow

Added: 07/24/2013 CVE: CVE-2013-2333 BID: 60309 OSVDB: 93867 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in crs.exe when handling requests with opcode 211 allows remote attackers to execute arbitrary commands. Resolution Apply a patch...

10CVSS7.5AI score0.89809EPSS
Exploits8
saint
saint
•added 2013/07/18 12:0 a.m.•37 views

Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability

Added: 07/18/2013 CVE: CVE-2013-1082 BID: 60179 OSVDB: 91118 Background ZENworks Mobile Management ZMM offers centralized management tools that are useful for deploying new mobile devices in the workforce, whether those devices are company-issued or privately owned. ZMM ensures that users have th...

7.5CVSS7.3AI score0.12767EPSS
Exploits5
saint
saint
•added 2013/04/22 12:0 a.m.•37 views

BigAnt IM Server DDNF username Field Remote Overflow

Added: 04/22/2013 BID: 58998 OSVDB: 92239 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt IM Server is vulnerable to buffer overflow in the expsrv.dll library as a result of improper validation of...

1AI score
Exploits0
saint
saint
•added 2013/02/28 12:0 a.m.•37 views

Internet Explorer SLayoutRun CParaElement Node Use After Free

Added: 02/28/2013 CVE: CVE-2013-0025 BID: 57830 OSVDB: 90122 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code in the context of the...

9.3CVSS9.2AI score0.55765EPSS
Exploits11
saint
saint
•added 2013/02/07 12:0 a.m.•37 views

Java JAX-WS statistics.impl package sandbox breach

Added: 02/07/2013 CVE: CVE-2012-5076 BID: 56054 OSVDB: 86350 Background Java API for XML Web Services JAX-WS is a technology for developing web services in Java. It is included in the Java EE 5 platform. Problem A vulnerability in JAX-WS when handling the...

10CVSS9.8AI score0.91013EPSS
Exploits18
saint
saint
•added 2013/02/07 12:0 a.m.•37 views

Java JAX-WS statistics.impl package sandbox breach

Added: 02/07/2013 CVE: CVE-2012-5076 BID: 56054 OSVDB: 86350 Background Java API for XML Web Services JAX-WS is a technology for developing web services in Java. It is included in the Java EE 5 platform. Problem A vulnerability in JAX-WS when handling the...

10CVSS9.7AI score0.91013EPSS
Exploits18
saint
saint
•added 2013/01/07 12:0 a.m.•37 views

RealPlayer InternetShortcut URL property buffer overflow

Added: 01/07/2013 CVE: CVE-2012-5691 BID: 56956 OSVDB: 88486 Background RealPlayer is a media player application which can play back various multimedia file formats. Problem A buffer overflow vulnerability in the GetPrivateProfileString function allows command execution when a user opens a...

9.3CVSS6.8AI score0.52703EPSS
Exploits8
saint
saint
•added 2012/12/17 12:0 a.m.•37 views

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

10CVSS6.8AI score0.71194EPSS
Exploits21
saint
saint
•added 2012/11/16 12:0 a.m.•37 views

QuickTime plugin MIME type buffer overflow

Added: 11/16/2012 CVE: CVE-2012-3753 BID: 56438 OSVDB: 87088 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in the QuickTime plugin allows command execution when a malicious web site sends a long, specially crafted MIME type...

9.3CVSS6.7AI score0.35078EPSS
Exploits9
saint
saint
•added 2012/11/13 12:0 a.m.•37 views

Indusoft Thin Client ISSymbol ActiveX Control InternationalSeparator buffer overflow

Added: 11/13/2012 CVE: CVE-2011-0340 BID: 47596 OSVDB: 72865 Background Indusoft Thin Client allows access to Indusoft Web Studio projects without requiring Web Studio to be installed. It includes the ISSymbol ActiveX control, which is also included in Indusoft Web Studio and Advantech Studio...

9.3CVSS6.7AI score0.32349EPSS
Exploits12
saint
saint
•added 2012/10/02 12:0 a.m.•37 views

Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...

7.9CVSS6.6AI score0.40211EPSS
Exploits6
saint
saint
•added 2012/09/27 12:0 a.m.•37 views

EMC NetWorker nsrd Format String

Added: 09/27/2012 CVE: CVE-2012-2288 BID: 55330 OSVDB: 85116 Background EMC NetWorker is a centralized data backup solution. Problem In NetWorker versions 7.6.3 through 8.0, the nsrd RPC service is vulnerable to a format string vulnerability. Resolution NetWorker 7 users should apply EMC NetWorke...

9.3CVSS6.2AI score0.3312EPSS
Exploits9
saint
saint
•added 2012/09/27 12:0 a.m.•37 views

EMC NetWorker nsrd Format String

Added: 09/27/2012 CVE: CVE-2012-2288 BID: 55330 OSVDB: 85116 Background EMC NetWorker is a centralized data backup solution. Problem In NetWorker versions 7.6.3 through 8.0, the nsrd RPC service is vulnerable to a format string vulnerability. Resolution NetWorker 7 users should apply EMC NetWorke...

9.3CVSS6.2AI score0.3312EPSS
Exploits9
saint
saint
•added 2012/09/07 12:0 a.m.•37 views

IBM Lotus Notes URL Handler Command Execution

Added: 09/07/2012 CVE: CVE-2012-2174 BID: 54070 OSVDB: 83063 Background Lotus Notes is the client for Lotus Domino servers. Problem Lotus Notes 8.5.3 and earlier is vulnerable to remote code execution when handling a specially crafted URL. A remote attacker can pass the -RPARAMS command line...

9.3CVSS7.4AI score0.38291EPSS
Exploits11
saint
saint
•added 2012/09/07 12:0 a.m.•37 views

IBM Lotus Notes URL Handler Command Execution

Added: 09/07/2012 CVE: CVE-2012-2174 BID: 54070 OSVDB: 83063 Background Lotus Notes is the client for Lotus Domino servers. Problem Lotus Notes 8.5.3 and earlier is vulnerable to remote code execution when handling a specially crafted URL. A remote attacker can pass the -RPARAMS command line...

9.3CVSS7.4AI score0.38291EPSS
Exploits11
saint
saint
•added 2012/08/24 12:0 a.m.•37 views

Symantec Web Gateway pbcontrol.php Command Injection

Added: 08/24/2012 CVE: CVE-2012-2953 BID: 54426 OSVDB: 84120 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway 5.0.x.x before 5.0.3.18 is vulnerable to command injection due to...

10CVSS7.5AI score0.67389EPSS
Exploits9
saint
saint
•added 2012/07/23 12:0 a.m.•37 views

HP Data Protector Express Opcode 0x320 Overflow

Added: 07/23/2012 CVE: CVE-2012-0121 BID: 52431 OSVDB: 80102 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not...

10CVSS7.1AI score0.10436EPSS
Exploits4
saint
saint
•added 2012/07/16 12:0 a.m.•37 views

Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling

Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...

9.3CVSS7AI score0.03442EPSS
Exploits6
saint
saint
•added 2012/07/16 12:0 a.m.•37 views

Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling

Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...

9.3CVSS7AI score0.03442EPSS
Exploits6
saint
saint
•added 2012/06/29 12:0 a.m.•37 views

Adobe Flash Player Object Confusion Code Execution

Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...

9.3CVSS7.7AI score0.85698EPSS
Exploits10
saint
saint
•added 2012/06/11 12:0 a.m.•37 views

GIMP Script-Fu Server Buffer Overflow

Added: 06/11/2012 CVE: CVE-2012-2763 BID: 53741 OSVDB: 82429 Background The GNU Image Manipulation Program GIMP is free software for tasks such as photo retouching, image composition, and image authoring. Problem The vulnerability is due improper boundary checking within the Script-Fu server...

7.5CVSS8AI score0.81722EPSS
Exploits14
saint
saint
•added 2012/04/27 12:0 a.m.•37 views

LANDesk ThinkManagement Suite ServerSetup.asmx Directory Traversal

Added: 04/27/2012 CVE: CVE-2012-1195 BID: 52023 OSVDB: 79276 Background LANDesk Lenovo ThinkManagement Console provides hardware discovery, comprehensive inventory, and reporting for Lenovo systems. Problem LANDesk Lenovo ThinkManagement Console runs a web application under the Microsoft IIS web...

7.5CVSS6.2AI score0.68399EPSS
Exploits11
saint
saint
•added 2012/03/28 12:0 a.m.•37 views

Novell ZENworks Configuration Management Preboot Service Opcode 4c Vulnerability

Added: 03/28/2012 CVE: CVE-2011-3176 BID: 52659 OSVDB: 80231 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

10CVSS6.7AI score0.69667EPSS
Exploits13
saint
saint
•added 2011/12/30 12:0 a.m.•37 views

Avaya WinPDM Unite Host Router service buffer overflow

Added: 12/30/2011 BID: 47947 OSVDB: 73269 Background Avaya Windows Portable Device Manager WinPDM is used for local administration and software download of various devices. Problem A buffer overflow vulnerability in Avaya WinPDM allows an attacker to execute arbitrary commands by sending a...

1.5AI score
Exploits0
saint
saint
•added 2011/11/07 12:0 a.m.•37 views

Oracle AutoVue AutoVueX ActiveX Control ExportEdaBom Arbitrary File Overwrite

Added: 11/07/2011 BID: 50332 OSVDB: 76539 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring specialized computer-aid...

6.7AI score
Exploits0
saint
saint
•added 2011/10/11 12:0 a.m.•37 views

NetSupport Client Handshake Hostname Overflow

Added: 10/11/2011 CVE: CVE-2011-0404 BID: 45728 OSVDB: 70408 Background NetSupport Manager is a remote desktop support solution. Problem The NetSupport client/server communication is carried out over a proprietary communications protocol. This protocol begins with a handshake between the client a...

7.5CVSS6.9AI score0.64739EPSS
Exploits8
saint
saint
•added 2011/09/13 12:0 a.m.•37 views

Citrix Access Gateway NESPA ActiveX Control

Added: 09/13/2011 CVE: CVE-2011-2882 BID: 48676 OSVDB: 74191 Background Citrix Access Gateway is an application remote-access solution. Problem The Citrix Access Gateway installs an ActiveX plug-in on the user's browser. Plug-in versions 8.1-67.7, 9.0-70.5, and 9.1-96.4 are vulnerable to a stack...

9.3CVSS6.3AI score0.56368EPSS
Exploits10
saint
saint
•added 2011/08/29 12:0 a.m.•37 views

QuickTime PICT PnSize Stack Overflow

Added: 08/29/2011 CVE: CVE-2011-0257 BID: 49144 OSVDB: 74687 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime versions prior to 7.7 are vulnerable to a stack overflow cause by improper validation of very large values in the the PnSize field of PICT...

9.3CVSS6.5AI score0.60106EPSS
Exploits14
saint
saint
•added 2011/08/29 12:0 a.m.•37 views

QuickTime PICT PnSize Stack Overflow

Added: 08/29/2011 CVE: CVE-2011-0257 BID: 49144 OSVDB: 74687 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime versions prior to 7.7 are vulnerable to a stack overflow cause by improper validation of very large values in the the PnSize field of PICT...

9.3CVSS6.5AI score0.60106EPSS
Exploits14
saint
saint
•added 2011/03/30 12:0 a.m.•37 views

Adobe Reader Flash AVM2 Memory Corruption

Added: 03/30/2011 CVE: CVE-2011-0609 BID: 46860 OSVDB: 71254 Background Adobe Reader is free software for viewing PDF documents. Problem Adobe Reader 9.x is vulnerable to a remote code execution vulnerability as a result of parsing flash content by the bundled Adobe Flash Player. Resolution Updat...

9.3CVSS8.3AI score0.66821EPSS
Exploits8
saint
saint
•added 2011/02/14 12:0 a.m.•37 views

Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability

Added: 02/14/2011 CVE: CVE-2010-4701 BID: 45942 Background The Microsoft Windows Fax Service allows a Windows system to act as a fax server. One of the tools within the Windows Fax Service suite is the Fax Cover Page Editor fxscover.exe, which allows users to create their own customized cover...

7.6CVSS6.6AI score0.47832EPSS
Exploits5
saint
saint
•added 2010/12/22 12:0 a.m.•37 views

Microsoft Internet Explorer CSS Import Use-After-Free Code Execution

Added: 12/22/2010 CVE: CVE-2010-3971 BID: 45246 OSVDB: 69796 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Cascading Style Sheets CSS is a simple mechanism for adding style to web documents. Problem Microsoft Internet Explorer is...

9.3CVSS6.3AI score0.81663EPSS
Exploits9
saint
saint
•added 2010/12/01 12:0 a.m.•37 views

Microsoft Excel Drawing Exception Handling vulnerability

Added: 12/01/2010 CVE: CVE-2010-3335 BID: 44659 OSVDB: 69087 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A use-after-free vulnerability during exception handling in Microsoft Office allows comman...

9.3CVSS7.7AI score0.23915EPSS
Exploits5
saint
saint
•added 2010/11/16 12:0 a.m.•37 views

Internet Explorer CSS clip attribute memory corruption

Added: 11/16/2010 CVE: CVE-2010-3962 BID: 44536 OSVDB: 68987 Background Cascading Style Sheets CSS is a simple mechanism for adding style to web documents. Problem A memory corruption vulnerability allows command execution when a user loads a web page containing a CSS clip attribute with a specif...

9.3CVSS6.7AI score0.96889EPSS
Exploits14
saint
saint
•added 2010/08/12 12:0 a.m.•37 views

Microsoft Office Word RTF Parsing Engine Memory Corruption

Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...

9.3CVSS6.8AI score0.19399EPSS
Exploits5
saint
saint
•added 2010/07/22 12:0 a.m.•37 views

Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow

Added: 07/22/2010 CVE: CVE-2010-0822 BID: 40520 OSVDB: 65236 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a buffer overflow when processing malformed OBJ recType...

9.3CVSS7.4AI score0.70121EPSS
Exploits21
saint
saint
•added 2010/07/16 12:0 a.m.•37 views

Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability

Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...

9.3CVSS6AI score0.55278EPSS
Exploits11
saint
saint
•added 2010/06/24 12:0 a.m.•37 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
saint
saint
•added 2010/05/28 12:0 a.m.•37 views

HP OpenView Network Node Manager getnnmdata.exe CGI Hostname buffer overflow

Added: 05/28/2010 CVE: CVE-2010-1555 BID: 40072 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.64447EPSS
Exploits13
saint
saint
•added 2010/05/28 12:0 a.m.•37 views

Apple Safari parent.close() Invalid Pointer Code Execution

Added: 05/28/2010 CVE: CVE-2010-1939 BID: 39990 OSVDB: 64482 Background Safari is a web browser for Mac OS X and Windows. Problem Apple Safari 4.0.5 for Windows and probably earlier allows remote attackers to execute arbitrary code by enticing the user to open a crafted HTML document. The crafted...

7.6CVSS6.9AI score0.14708EPSS
Exploits5
saint
saint
•added 2010/04/22 12:0 a.m.•37 views

Internet Explorer Tabular Data Control DataURL memory corruption

Added: 04/22/2010 CVE: CVE-2010-0805 BID: 39025 OSVDB: 63329 Background Tabular Data Control.aspx is an ActiveX control which can be used to display data from a delimited text file. Problem A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabul...

9.3CVSS8.2AI score0.80603EPSS
Exploits13
saint
saint
•added 2010/04/02 12:0 a.m.•37 views

Internet Explorer iepeers.dll use-after-free vulnerability

Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...

9.3CVSS8.1AI score0.82172EPSS
Exploits15
saint
saint
•added 2010/02/17 12:0 a.m.•37 views

Wireshark LWRES dissector buffer overflow

Added: 02/17/2010 CVE: CVE-2010-0304 BID: 37985 OSVDB: 61987 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshar...

7.5CVSS6.7AI score0.73666EPSS
Exploits12
saint
saint
•added 2010/01/20 12:0 a.m.•37 views

Adobe Illustrator EPS File DSC Comment Buffer Overflow

Added: 01/20/2010 CVE: CVE-2009-4195 BID: 37192 OSVDB: 60632 Background Adobe Illustrator software is a comprehensive vector graphics environment for creative professionals that is used for both drawing and typographical work. Illustrator supports several vector file formats including AI, CDR, PD...

9.3CVSS6.8AI score0.70684EPSS
Exploits8
saint
saint
•added 2010/01/12 12:0 a.m.•37 views

Novell iPrint Client ienipp.ocx target-frame buffer overflow

Added: 01/12/2010 CVE: CVE-2009-1568 BID: 37242 OSVDB: 60803 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow in ienipp.ocx allows command...

9.3CVSS6.8AI score0.32168EPSS
Exploits9
saint
saint
•added 2009/11/06 12:0 a.m.•37 views

Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow

Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

9.3CVSS7.4AI score0.73376EPSS
Exploits11
saint
saint
•added 2009/07/24 12:0 a.m.•37 views

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7AI score0.65934EPSS
Exploits7
saint
saint
•added 2009/06/30 12:0 a.m.•37 views

Unisys Business Information Server mnet.exe buffer overflow

Added: 06/30/2009 CVE: CVE-2009-1628 BID: 35494 OSVDB: 55435 Background The Unisys Business Information Server is an information management solution which provides data access across an enterprise. It includes the mnet.exe program which listens for connections on ports 3985/TCP and 3986/TCP...

10CVSS7.5AI score0.05244EPSS
Exploits4
saint
saint
•added 2009/06/05 12:0 a.m.•37 views

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

10CVSS7.7AI score0.08435EPSS
Exploits5
Total number of security vulnerabilities4305